diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml
index f3a32cf..6cc89e5 100644
--- a/.github/workflows/release-please.yaml
+++ b/.github/workflows/release-please.yaml
@@ -122,7 +122,7 @@ jobs:
           push-to-registry: true
 
       - name: Trivy vulnerability scan
-        uses: aquasecurity/trivy-action@a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8 # v0.36.0
+        uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
         with:
           image-ref: ${{ steps.refs.outputs.ecr_image }}
           severity: CRITICAL,HIGH